XOR encryption

GCHQ recently posted the following JavaScript code on its Instagram and Twitter accounts:

The code contains two messages. The first is represented as a simple numerical encoding. The second is a secret message that has been encrypted, alongside code for decrypting it. Here are some clues to make sense of how this second message has been encrypted.

The message uses a symmetric-key approach, the XOR cipher: the exclusive or (XOR) operator is applied to each byte of the message and the corresponding byte of the key, recycling the key until every byte has been processed. The secret message is wrapped in Base64, an encoding that ensures all its characters are printable letters and symbols, so it’s possible to include the message within the JavaScript as “gNSkYr+VqyGl1Lhko8fqYq7UpGajiuo67w==”.

Here’s a shorter version of the code in R:

gchq_message <- "gNSkYr+VqyGl1Lhko8fqYq7UpGajiuo67w==" |>
                   base64enc::base64decode()
gchq_key <- c(0xc6, 0xb5, 0xca, 0x01) |> as.raw()
xor(gchq_message, gchq_key) |> rawToChar()

(No spoilers here…)

So, the steps to decrypt are:

  1. Translate the Base64 encoded message to raw bytes
  2. XOR those raw bytes with the key
  3. Translate the bytes to ASCII characters so we can read the message

The nice thing about this form of encryption is that the same algorithm does both encrypting and decrypting. So, if you wanted to reply, “No thanks, I’m good” you just do the same in reverse:

  1. Translate your ASCII text message to raw bytes
  2. XOR those bytes with the key
  3. Translate the result to Base64

In R:

"No thanks, I'm good" |>
  charToRaw() |>
  xor(gchq_key) |>
  base64enc::base64encode()

This gives “iNrqda7UpGq1mepI4djqZqnarg==”.
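
The same steps in JavaScript (Node.js), the language of the snippet GCHQ posted; this is an added example, not GCHQ's code or the R code above, and the function names are illustrative. It goes one step beyond the text: because XOR undoes itself, XORing a known message with its ciphertext gives back the recycled key.

```javascript
// Added example: the page's decrypt/encrypt steps as repeating-key XOR over Base64.
// Only the key and the Base64/plaintext strings come from the page; names are illustrative.
const GCHQ_KEY = Buffer.from([0xc6, 0xb5, 0xca, 0x01]);

// XOR each data byte with the key byte at the same position, recycling the key.
function xorBytes(data, key) {
  if (key.length === 0) throw new RangeError("key must not be empty");
  const out = Buffer.alloc(data.length);
  for (let i = 0; i < data.length; i++) {
    out[i] = data[i] ^ key[i % key.length];
  }
  return out;
}

// Decrypt: Base64 -> raw bytes -> XOR with key -> characters.
// "latin1" maps every byte to exactly one character, so nothing is lost.
function decrypt(b64, key) {
  return xorBytes(Buffer.from(b64, "base64"), key).toString("latin1");
}

// Encrypt: characters -> raw bytes -> XOR with key -> Base64.
function encrypt(text, key) {
  return xorBytes(Buffer.from(text, "latin1"), key).toString("base64");
}

// Because c = p XOR k, XORing a known plaintext with its ciphertext gives the
// recycled key stream; its shortest repeating prefix is the key itself.
function recoverKey(knownText, b64) {
  const plain = Buffer.from(knownText, "latin1");
  const cipher = Buffer.from(b64, "base64");
  if (plain.length === 0 || plain.length !== cipher.length) {
    throw new RangeError("plaintext and ciphertext must be the same non-zero length");
  }
  const stream = xorBytes(cipher, plain); // equal lengths, so no recycling here
  for (let period = 1; period < stream.length; period++) {
    if (stream.every((b, i) => b === stream[i % period])) {
      return stream.subarray(0, period);
    }
  }
  return stream; // no repetition seen: the key is at least as long as the message
}

const reply = encrypt("No thanks, I'm good", GCHQ_KEY);
console.log(reply);
console.log(decrypt(reply, GCHQ_KEY));
console.log(recoverKey("No thanks, I'm good", reply).toString("hex"));
```
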

Fun! Also, I have a tattoo that uses the same approach, except I used Braille ASCII instead of Base64 to ensure that all the characters were tattooable 🙂

If you’re watching The Undeclared War, look out for the shout out to Base64 too:

But why is the key c6b5ca01? It’s not obviously the letters G, C, H, Q. In decimal, it looks like an IP address, but there’s nothing obvious at 198.181.202.1, and any four 8-bit numbers look like an IP address if you stare long enough.

Hewitt and Harman v. the UK

This is an interesting case from a while back, concerning Patricia Hewitt and Harriet Harman.

“In 1985, evidence emerged that MI5 (also known as the Security Service) was systematically infringing the applicants’ rights under the [Euro Human Rights] Convention when a former officer of MI5, Ms Cathy Massiter, made certain allegations to this effect on a television program. According to Ms Massiter, the applicants had been classified as subversive and as communist sympathizers, and these grave libels were published within MI5 and were available for publication to other agencies with whom MI5 had a relationship. Their files recorded details of passport applications, data from surveillance by local police, Special Branch and by special agents, and references to them or by them on telephone intercepts picked up under warrants issued in relation to other persons. Such intercepts, in the second applicant’s case, were likely to include confidential conversations which she, as a practising solicitor, had had with certain of her clients. The first applicant’s file included information about her personal relationship with a former member of the Communist Party. Surveillance of both applicants was continued after they had left the National Council for Civil Liberties on the basis that they were both candidates for elected office.

“On 19 May 1986, the applicants lodged an application with the European Commission of Human Rights against the United Kingdom government alleging breaches of their right to privacy (Article 8), their right to freedom of expression (Article 10), their right to freedom of association (Article 11) and their right to an effective remedy (Article 13) in respect of the violations arising from the nature and consequences of the surveillance to which they had been subjected by MI5. The application was declared admissible on 12 May 1988.

“In its Report dated 9 May 1989 the Commission concluded by a majority that given the existence of practices in the United Kingdom permitting secret surveillance and given further the reasonable likelihood that the applicants were the subjects of surveillance the compilation and retention by the Security Service of information concerning the private lives of the applicants constituted an infringement of their right to privacy under Article 8 (1) of the Convention. The Commission further concluded that the domestic law of the United Kingdom contained neither legal rules formulated with sufficient precision nor a framework indicating with the requisite degree of certainty the scope and manner of the exercise of discretion by the Security Service in the carrying out of secret surveillance activities to render interference “in accordance with the law” within Article 8 (2). Finally the Commission concluded that since no information was forthcoming in relation to how the United Kingdom had chosen to provide an effective remedy under its domestic law that the applicants did not have an effective remedy as required by Article 13.”

There’s some interesting detail therein about the workings of the Security Service, e.g.,

“The procedure for opening a file is strictly controlled. It may start as a temporary file, which has a maximum life of three years, when there is uncertainty whether the criteria for opening a permanent file are satisfied. These criteria have their basis in the Service’s functions and require high standards of accuracy. If and when these criteria are satisfied, the permanent file will be opened. The Service then applies a system of colour coding which controls how files are used. Once a file is opened, there is a period coded “green”, during which inquiries may be made about the subject. The length of the green period varies according to the reason why the particular file was made. It may be extended as a result of the receipt of new information. At the end of the green period it changes to “amber”, under which inquiries are prohibited, but any relevant information that the Service receives about the subject may be added to the file. After the designated amber period the file is coded “red”. During this period, inquiries continue to be prohibited and any addition of substantive information is also prohibited. Finally, after a period of red coding, the file is microfilmed. The hard copy is destroyed and the entry for the file in the Service’s central index is transferred from the Live Index to the Research Index. The Research Index is usually consulted only when it is thought that old files may exist which are relevant to current work. In practice the volume of check against the Research Index is small: for instance, it is not consulted in vetting checks.”

GCHQ’s director’s Turing speech – a research team manual?

Just read the (4 Oct 2012) speech about Alan Turing, given by Iain Lobban, Director GCHQ, at the University of Leeds.

Fantastic stuff in there. Here are some excerpts.

On learning to solve problems

“… [Turing] reported to Bletchley Park as agreed and immediately started working with [Dilly] Knox [expert on the Enigma cypher …]. Knox’s influence on Turing at this time is immense. The older veteran cryptanalyst shared everything he knew about Enigma with Turing, who eventually used this knowledge to write the first four chapters of his treatise on Enigma […]

“…[Turing] was happy to learn from Dilly Knox, happy to use that knowledge as the foundation for what he would develop subsequently, and was diligent in recording what he had learned and how he developed that into new areas so that others could profit from his knowledge just as he had profited from that of Knox.”

“Knox could only take Turing so far and his quest for experience-based understanding of the cryptanalysis of Enigma took Turing to France in January 1940…”

Team work

“There are lots of different ways in which people can work as part of a team.  Turing’s way was to take in other people’s ideas, develop and build on them, and then pass the product on to other people to be the foundation for the next stage.  He took the idea of electromechanical processing of Enigma messages from the Poles but developed their idea into something radically different.  When Welchman later enhanced the Bombe with his diagonal board, Turing was among the first to congratulate him on this major improvement.  Turing was part of the team, and shared in the success of the team.”

Respecting diversity

“I strongly believe a Sigint agency needs the widest range of skills possible if it is to be successful, and to deny itself talent just because the person with the talent doesn’t conform to a social stereotype is to starve itself of what it needs to thrive.”

“I don’t want to pretend that GCHQ was an organisation with twenty-first century values in the twentieth century, but it was at the most tolerant end of the cultural spectrum.  In an organisation which valued the skills and characteristics that difference can bring, Turing’s homosexuality was less of a talking point than his insights into the complex crypt problems of the day.  When he was put on trial, Hugh Alexander, the Head of Cryptanalysis at GCHQ went, with official approval, to speak as a character witness on his behalf, saying in court that Turing was a national asset.”

Exploiting serendipity

“Geoffrey Tandy was posted to Bletchley by the Admiralty in a spirit of helpfulness: his posting officer had understood him to be an expert in cryptograms, a word still used in the Admiralty at that time to mean messages signalled in code.  In fact he was an expert in cryptogams: non-flowering plants like ferns, mosses and seaweeds.  But while this knowledge might not have appeared to be of much use, Tandy became expert in German naval Enigma and because of his work on seaweed was able to provide unique advice on the preservation of cryptologic documents rescued from the sea.”

The role of management

“Part of my job is to continue to foster that atmosphere: to attract the very best people and harness their talents, and not allow preconceptions and stereotypes to stifle innovation and agility.”

Datamining to catch terrorists

Apparently it wouldn’t work, say the following groups of the US National Academies:

in this book: Protecting Individual Privacy in the Struggle Against Terrorists: A Framework for Assessment.

[via The Register]

Psychological assessment at NSA

The Memory Hole managed to obtain all non-classified forms used at the NSA (claims NSA). Two nice finds:

If you got here via Google because you’re applying to work for NSA, probably best not to email me about the assessment, eh? (Yes, some people have.)

Robin Cook’s resignation speech (17 Mar 2003)

(Full text over here.)

… It is not France alone that wants more time for inspections. Germany wants more time for inspections; Russia wants more time for inspections; … The reality is that Britain is being asked to embark on a war without agreement in any of the international bodies of which we are a leading partner—not NATO, not the European Union and, now, not the Security Council.

The threshold for war should always be high. None of us can predict the death toll of civilians from the forthcoming bombardment of Iraq, but the US warning of a bombing campaign that will “shock and awe” makes it likely that casualties will be numbered at least in the thousands…

Iraq probably has no weapons of mass destruction in the commonly understood sense of the term—namely a credible device capable of being delivered against a strategic city target. It probably still has biological toxins and battlefield chemical munitions, but it has had them since the 1980s when US companies sold Saddam anthrax agents and the then British Government approved chemical and munitions factories. Why is it now so urgent that we should take military action to disarm a military capacity that has been there for 20 years, and which we helped to create?

… I have heard it said that Iraq has had not months but 12 years in which to complete disarmament, and that our patience is exhausted. Yet it is more than 30 years since resolution 242 called on Israel to withdraw from the occupied territories. We do not express the same impatience with the persistent refusal of Israel to comply.

Nor is our credibility helped by the appearance that our partners in Washington are less interested in disarmament than they are in regime change in Iraq. That explains why any evidence that inspections may be showing progress is greeted in Washington not with satisfaction but with consternation: it reduces the case for war.

… On Iraq, I believe that the prevailing mood of the British people is sound. They do not doubt that Saddam is a brutal dictator, but they are not persuaded that he is a clear and present danger to Britain. They want inspections to be given a chance, and they suspect that they are being pushed too quickly into conflict by a US Administration with an agenda of its own. Above all, they are uneasy at Britain going out on a limb on a military adventure without a broader international coalition and against the hostility of many of our traditional allies.

… It has been a favourite theme of commentators that this House no longer occupies a central role in British politics. Nothing could better demonstrate that they are wrong than for this House to stop the commitment of troops in a war that has neither international agreement nor domestic support…

Katharine Gun

Interesting elaboration of the story over at New Statesman.

The Lords discussion around the time of the discontinuation of the case is helpful for picking up the context (over at Hansard). I found this intriguing, from Lord Wright of Richmond:

“I believe I am right in recording that following the Ponting case a counsellor was appointed to help individuals in the intelligence and security agencies—I think I am right in remembering that that included GCHQ but it may not have done—faced with crises of conscience about intelligence matters. Can the noble and learned Lord tell us whether that post still exists; whether the counsellor was used in this case; and whether Mrs Gun consulted him? If not, I suggest that the existence of a counsellor, if he is still in post, is brought to the attention of all employees in the security and intelligence agencies.”

Not sure what this counsellor does. Is the idea that you go with a crisis of conscience and they give you a dose of CBT to cure it?

SIS and Harrods

Some great stuff in the transcripts for “Miss X”’s testimony on the information SIS keeps on people, how it’s stored, who has access, etc. Okay, it’s not terribly revealing. But my favourite bit:

65


Q. Was there any trace of SIS having sources or contacts or others employed at Harrods?
A. No, there were not.
Q. I think you did have a number of hits.
A. Yes, I did, in relation to gift hampers.
Q. Yes. I suppose we can infer then that SIS bought hampers from Harrods.
A. Where people had purchased Harrods gift hampers, yes.
Q. I do not know if that will give comfort to Mr Al Fayed or not.

Update. Others here:

The phrase “in the interests of economic well-being”

Appears all over British government documents. This explains what it means, in a 2000 Commons committee debate on the Regulation of Investigatory Powers Bill:

“There is the provision for action—the tasking of our intelligence agencies—in the interests of the economic well-being of the United Kingdom. Those who have followed these matters know that that is a well-worn provision. It is in existing legislation, and is provided for in the European Convention on Human Rights. It sometimes causes puzzlement as to what it can mean.

“Examples of where it might be useful are where there is instability in a part of the world where substantial British economic interests were at stake, or where there was a crisis or a huge difficulty about the continued supply of a commodity on which our economy depended.

“The House will notice that the Bill restricts the activities of the SIS and GCHQ for safeguarding the economic well-being of the country to the acts or intentions of persons outside the United Kingdom. […]

The examples that Douglas Hurd gave are clear. One is coded speak for oil—

“the continued supply of a commodity on which our economy depended.”

The role of intelligence in the UK’s arms trade

Interesting article by Robert Dover (2007) on how SIS and co help out the British arms trade. There are some nice little insights from (anonymous) interviews, for instance:

The success of an Ambassador’s period of tenure is partly judged upon whether they have assisted in securing a significant quantity of export trade, including arms sales, for UK companies (interview 24IS).

The author’s conclusions:

This research has shown intelligence to be used in support of British-based private commercial businesses, and occasionally in providing intelligence on the negotiating positions of rival manufacturers. This in itself raises some important questions about the role of the state in the private sphere, and particularly with reference to using sensitive assets that imply that this industry has a core governmental function. The elite interviews conducted with government officials revealed an interesting trend of eliding the interests of the state with the commercial success of a set of industrial manufacturers. That the elision of interests has been allowed to develop is no surprise; what is more surprising is that there is little critical engagement among officials, politicians and the intelligence agencies on the issue of their very commercial role, or of how this work fits into ‘New’ Labour’s foreign policy with its ‘ethical dimension’

Dover, R. (2007). For queen and company: The role of intelligence in the UK’s arms trade. Political Studies, 55(4):683-708.